Kaspersky ID:
KLA11557
Дата обнаружения:
10/09/2019
Обновлено:
22/01/2024

Описание

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code;
  2. An information disclosure vulnerability in Microsoft Edge based on Edge HTML can be exploited remotely via specially crafted content to obtain sensitive information;
  3. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code;
  4. A security feature bypass vulnerability in Microsoft Browser can be exploited remotely via specially crafted to bypass security restrictions;
  5. A remote code execution vulnerability in VBScript can be exploited remotely via specially crafted website to execute arbitrary code.

Первичный источник обнаружения

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2019-1138
    critical
  • CVE-2019-1298
    critical
  • CVE-2019-1237
    critical
  • CVE-2019-1300
    critical
  • CVE-2019-1217
    critical
  • CVE-2019-1299
    warning
  • CVE-2019-1221
    critical
  • CVE-2019-1220
    warning
  • CVE-2019-1236
    critical
  • CVE-2019-1208
    critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.